This week Jonathan Bennett chats with Lori Lorusso and Steve Hoffman, the Head of Community and SVP of engineering at Percona, the open source database experts.
Continue reading “FLOSS Weekly Episode 799: Still Open Source At Percona”
Hackaday Columns4277 Articles
This excellent content from the Hackaday writing crew highlights recurring topics and popular series like Linux-Fu, 3D-Printering, Hackaday Links, This Week in Security, Inputs of Interest, Profiles in Science, Retrotechtacular, Ask Hackaday, Teardowns, Reviews, and many more.
3D Printering: Switch And Klip(per)
Last time I tried to convince you that, if you haven’t already, you should try running your 3D printer with Klipper. There are several ways to actually make it work.
The first thing you need is something to run the Klipper host. Most people use a Raspberry Pi and if you already have one that runs OctoPrint, for example, you might well use it. Just tuck your SD card away in case you give up and install a fresh Linux system on a new card.
However, a Pi isn’t your only option. You should be able to make it work on nearly anything that runs Linux. We’ve even seen it running on Windows under WSL. If you have an old laptop that can run Linux, that would work, too. We’ve even heard it works on a Chromebook.
The other option is to get a “pad.” Several vendors make touchscreens with some Linux single-board computer bundled together with Klipper preinstalled. For example, there is the Creality Sonic Pad, along with similar devices from other 3D printing companies.
If you decide to go that route, you might want to make sure it is easy to install your own software easily. Some pads, like the Creality unit, are notorious for having so much customization that they don’t lend themselves to upgrades unless they come from the manufacturer. In some cases, you can wipe out the stock firmware and install a normal operating system, but at that point, you could probably just buy a Pi and a touchscreen, right?
Hackaday Links: September 1, 2024
Why is it always a helium leak? It seems whenever there’s a scrubbed launch or a narrowly averted disaster, space exploration just can’t get past the problems of helium plumbing. We’ve had a bunch of helium problems lately, most famously with the leaks in Starliner’s thruster system that have prevented astronauts Butch Wilmore and Suni Williams from returning to Earth in the spacecraft, leaving them on an extended mission to the ISS. Ironically, the launch itself was troubled by a helium leak before the rocket ever left the ground. More recently, the Polaris Dawn mission, which is supposed to feature the first spacewalk by a private crew, was scrubbed by SpaceX due to a helium leak on the launch tower. And to round out the helium woes, we now have news that the Peregrine mission, which was supposed to carry the first commercial lander to the lunar surface but instead ended up burning up in the atmosphere and crashing into the Pacific, failed due to — you guessed it — a helium leak.
Continue reading “Hackaday Links: September 1, 2024”
Hackaday Podcast Episode 286: Showing Off SAOs, Hiding From HOAs, And Beautiful Byproducts
Even when the boss is away, the show must go on, so Dan slid back behind the guest mic and teamed up with Tom to hunt down the freshest of this week’s hacks. It was a bit of a chore, with a couple of computer crashes and some side-quests down a few weird rabbit holes, but we managed to get things together in the end.
Tune in and you’ll hear us bemoan HOAs and celebrate one ham’s endless battle to outwit them, no matter what the golf cart people say about his antennas. Are you ready to say goodbye to the magnetic stripe on your credit card? We sure are, but we’re not holding our breath yet. Would you 3D print a 55-gallon drum? Probably not, but you almost can with a unique Cartesian-polar hybrid printer. And, if you think running MS-DOS on a modern laptop is hard, guess again — or, maybe you just have to get really lucky.
We also took a look at a digital watch with a beautiful display, a hacked multimeter, modern wardriving tools, switchable magnets, and debate the eternal question of v-slot wheels versus linear bearings. And finally, you won’t want to miss our look at what’s new with 3D scanning, and the first installment of Kristina’s new “Boss Byproducts” series, which delves into the beauty of Fordite.
This Week In Security: The Rest Of The IPv6 Story, CVE Hunting, And Hacking The TSA
We finally have some answers about the Windows IPv6 vulnerability — and a Proof of Concept! The patch was a single change in the Windows TCP/IP driver’s Ipv6pProcessOptions(), now calling IppSendError() instead of IppSendErrorList(). That’s not very helpful on its own, which is why [Marcus Hutchins]’s analysis is so helpful here. And it’s not an easy task, since decompiling source code like this doesn’t give us variable names.
The first question that needs answered is what is the list in question? This code is handling the option field in incoming IPv6 packets. The object being manipulated is a linked list of packet structs. And that linked list is almost always a single member list. When calling IppSendErrorList() on a list with a single member, it’s functionally equivalent to the IppSendError() in the fixed code. The flaw must be in the handling of this list with multiple members. The only way to achieve that criteria is to send a lot of traffic at the machine in question, so it can’t quite keep up with processing packets one at a time. To handle the high throughput, Windows will assemble incoming packets into a linked list and process them in batch.
So what’s next? IppSendErrorList(), takes a boolean and passes it on to each call of IppSendError(). We don’t know what Microsoft’s variable name is, but [Marcus] is calling it always_send_icmp, because setting it to true means that each packet processed will generate an ICMP packet. The important detail is that IppSendError() can have side effects. There is a codepath where the packet gets reverted, and the processing pointer is set back to the beginning of the packet. That’s fine for the first packet in the list, but because the function processes errors on the entire list of packets, the state of the rest of those packets is now much different from what is expected.
This unexpected but of weirdness can be further abused through IPv6 packet fragmentation. With a bit of careful setup, the reversion can cause a length counter to underflow, resulting in data structure corruption, and finally jumping code execution into the packet data. That’s the Remote Code Execution (RCE). And the good news, beyond the IPv6-only nature of the flaw, is that so far it’s been difficult to actually pull the attack off, as it relies on this somewhat non-deterministic “packet coalescing” technique to trigger the flaw.
3D Printering: Klipper, The Free 3D Printer Upgrade
I have several 3D printers, and I’ve always been satisfied with using either Repetier or Marlin on all of them. There are a few other firmware versions that could run on my hardware, but those two have been all I’ve needed. Sure, it was painful for a while having to juggle features to fit the firmware image onto the smaller microcontroller boards. Now that Marlin supports big 32-bit boards however, that hasn’t been a problem. But recently, I’ve been on a program to switch everything to Klipper.
In this post, I’ll tell you why I did it and give you some data about why you might consider it, too.
The Landscape
Marlin is written in C and burned into a 3D printer’s flash memory. It does a lot. It receives G-code commands, interprets them, and translates them to meaningful actions on the hardware. Modern versions handle automatic transformations to account for lumpy beds, input shaping to reduce shaking, and linear advance to produce better prints.
It might seem simple to control a 3D printer, but there are lots of little details to take into account. For example, if you are moving the head between two XY coordinates and you expect a certain flow rate, then you have to figure out how fast to turn the steppers to get the right amount of plastic out over that time. You also may have to retract before you start a move, make sure temperatures are stable, and transform the actual coordinates based on bed leveling data. There’s a lot going on.
Klipper does the exact same job, but it does it differently. On the 3D printer board is a tiny piece of software that does very little. It’s a bit like a device driver for the printer. All by itself, it does nothing. But it can handle very basic commands that describe how to move the machine.
All the rest of the processing you expect to happen now runs on some Linux computer. That is very often a Raspberry Pi, but it could be a spare laptop, your desktop computer, or anything that will run a reasonable Linux install. Several vendors even sell single-board computers with touchscreens made specifically for running this part of Klipper.
However, even though a screen is nice, you don’t really need it. I’ll talk about that more later.
Continue reading “3D Printering: Klipper, The Free 3D Printer Upgrade”
FLOSS Weekly Episode 798: Building The Rust Desktop With COSMIC
This week Jonathan Bennett and Rob Campbell chat with Carl Richell about System 76, COSMIC, Wayland, Rust and more! What was the “last straw” that convinced System 76 to write their own desktop environment (DE)? What’s the story with smithay, and why did that jump start the whole process? Listen to find out!
Continue reading “FLOSS Weekly Episode 798: Building The Rust Desktop With COSMIC”
